<%-- 
    Document   : checklogin
    Created on : Jun 16, 2012, 9:55:07 AM
    Author     : Administrator
--%>

<%@page import="java.sql.ResultSet"%>
<%@page import="dbTool.functions"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Check Login Page</title>
    </head>
    <body>
        <%
            String username = request.getParameter("user");
            String password = request.getParameter("pass").toString().trim();
            if (username == null || password == null) {
                session.setAttribute("error", "User and passworld not empty");
                response.sendRedirect("login.jsp");
            }
            functions t = new functions();
//            String pass = t.getmd5(password).trim();
            ResultSet a = t.checklogin(username, password);
            
            if (a.next()) {                
                int role = Integer.parseInt(a.getInt("role")+"");
                if (role ==1){
                    if (a.getBoolean("status")) {
                        session.setAttribute("username", username);
                        session.setAttribute("role", role+"");
                        response.sendRedirect("staff.jsp");
                        //out.print("<script>alert('Login succsessfull.'); window.location='home.jsp';</script>");
                    //} else {
                      //  session.setAttribute("error", "Can not login! Account is locked!");
                        //response.sendRedirect("login.jsp");
                    }

                } else if (role==2){
                    if (a.getBoolean("status")) {
                        session.setAttribute("username", username);
                        session.setAttribute("role", role+"");
                        response.sendRedirect("staff.jsp");
                    } else {
                        session.setAttribute("error", "Can not login! Account is locked!");
                        response.sendRedirect("login.jsp");
                    }

                } else if (role==3){
                    if (a.getBoolean("status")) {
                        session.setAttribute("username", username);
                        session.setAttribute("role", role+"");
                        response.sendRedirect("staff.jsp");
                    } else {
                        session.setAttribute("error", "Can not login! Account is locked!");
                        response.sendRedirect("login.jsp");
                    }

                }                
            } else {
                session.setAttribute("error", "Wrong user or password!");
                response.sendRedirect("login.jsp");
            }
        %>
    </body>
</html>
